885a5af7b5f68ab8a0162aa60d17ef57248bfa5f5a25a0a3f64e93356e2c5c60 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

885a5af7b5f68ab8a0162aa60d17ef57248bfa5f5a25a0a3f64e93356e2c5c60
Size

33KB
Sample

240419-tpvz3shf7y
MD5

ac6080a020d9a92cc6871935ad621ad7
SHA1

bf867bb80c4dd185809b3d70362c01444df022b9
SHA256

885a5af7b5f68ab8a0162aa60d17ef57248bfa5f5a25a0a3f64e93356e2c5c60
SHA512

6ce643c43688992febad2a5fad31168366a45f95fdedd5927152ac71dc3c31566f644a4342dd230c2b20ed84a842e8e76098e5cc952f75bb3e365471621bec6c
SSDEEP

768:22ssXO5RroZJ767395uINbaNslPX4S8bKvN1:2Ye+Zk77RN++t4SMKvL

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  885a5af7b5f68ab8a0162aa60d17ef57248bfa5f5a25a0a3f64e93356e2c5c60
- Size
  
  33KB
- MD5
  
  ac6080a020d9a92cc6871935ad621ad7
- SHA1
  
  bf867bb80c4dd185809b3d70362c01444df022b9
- SHA256
  
  885a5af7b5f68ab8a0162aa60d17ef57248bfa5f5a25a0a3f64e93356e2c5c60
- SHA512
  
  6ce643c43688992febad2a5fad31168366a45f95fdedd5927152ac71dc3c31566f644a4342dd230c2b20ed84a842e8e76098e5cc952f75bb3e365471621bec6c
- SSDEEP
  
  768:22ssXO5RroZJ767395uINbaNslPX4S8bKvN1:2Ye+Zk77RN++t4SMKvL
Score

7^/10

spyware stealer
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2